[ale] Linux 2.2.19 IPCHAINS Firewall + FTP woes
Thomas Holmquist
fishy at ipa.net
Thu Jul 24 20:45:05 EDT 2003
No, the only time you need to open up more than one port is when your
doing passive FTP, and even then you can tell the FTP daemon to only use
a small range of ports, so setting a DMZ on your router is not needed
Dow Hurst wrote:
> Switch to scp. Don't use ftp to connect to a machine inside your
> firewall from the Internet. You need a DMZ or exposed server to
> provide ftp services.
> Dow
>
>
> Nathan J. Underwood wrote:
>
>> An associate has a linux firewall running RH Linux (kernel 2.2.19),
>> ipchains
>> 1.3.9 to protect a small firm (~5 users). This has worked well in
>> the past, but
>> now he needs to put a FTP server behind it (currently has webserver,
>> and mail
>> server behind it). It's been a very long time since I've worked with
>> the 2.2.x
>> kernel, and an ipchains firewall for that matter, but I definately
>> remember
>> losing some hair over trying to get FTP to work from behind it. We
>> can get to
>> the box, and log into the FTP server, but we are unable to get a
>> directory
>> listing. I have verified that ip_masq_ftp is loaded, but lsmod
>> reports that
>> it's unused (see below). Any ideas? What am I missing? Many thanks
>>
>> lsmod
>> Module Size Used by
>> ip_masq_ftp 3740 0 (unused)
>> ip_masq_portfw 2656 48
>>
>>
>>
>>
>
_______________________________________________
Ale mailing list
Ale at ale.org
http://www.ale.org/mailman/listinfo/ale
More information about the Ale
mailing list